KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
OpenID Connect Federation enables trust establishment at scale and is being deployed to do so in Europe.
A key question when granting access to resources is “Who do you trust?”. It’s often important to know who the party is that you’re interacting with and whether they’ve agreed to the terms and conditions that apply when accessing a resource.
OpenID Connect enables identities of participants to be securely established but doesn’t answer the question of whether a participant is trusted to access a resource such as your personal data. A complementary mechanism is needed to do that. In small-scale and static deployments, it’s possible to keep a list of the trusted participants. However, in large-scale and dynamic deployments, that doesn’t scale.
This presentation will describe how the OpenID Connect Federation protocol enables scalable trust establishment with dynamic policies. It does so by employing trust hierarchies of authorities, each of which are independently administered. Examples of authorities are federation operators, organizations, departments within organizations, and individual sites.
Two OpenID Connect Federations are deployed in Italy, enabling secure access to digital services operated by Italian public and private services with Italian digital identities. This presentation will also describe why OpenID Connect Federation was selected for them and how it meets their needs. OpenID Connect Federation is being used by the GAIN PoC. A public deployment is also being planned in Sweden.
OpenID Connect Federation enables trust establishment at scale and is being deployed to do so in Europe.
A key question when granting access to resources is “Who do you trust?”. It’s often important to know who the party is that you’re interacting with and whether they’ve agreed to the terms and conditions that apply when accessing a resource.
OpenID Connect enables identities of participants to be securely established but doesn’t answer the question of whether a participant is trusted to access a resource such as your personal data. A complementary mechanism is needed to do that. In small-scale and static deployments, it’s possible to keep a list of the trusted participants. However, in large-scale and dynamic deployments, that doesn’t scale.
This presentation will describe how the OpenID Connect Federation protocol enables scalable trust establishment with dynamic policies. It does so by employing trust hierarchies of authorities, each of which are independently administered. Examples of authorities are federation operators, organizations, departments within organizations, and individual sites.
Two OpenID Connect Federations are deployed in Italy, enabling secure access to digital services operated by Italian public and private services with Italian digital identities. This presentation will also describe why OpenID Connect Federation was selected for them and how it meets their needs. OpenID Connect Federation is being used by the GAIN PoC. A public deployment is also being planned in Sweden.
During the last 3 years we have seen a significant uptake on decoupled authorizations solutions, the main drivers behind this is a move to the cloud, micros services and ZT implementations. In this speech Gustaf Kaijser will walk you through the feedback he has been getting from the organisations that have implemented OPA based solutions the last years, and the significant gains that they have seen in:
A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.
Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?
As an identity professional, you're constantly studying and reviewing new technologies, new protocols, and new products within the space but you struggle for the best way to extract the value of these new shiny, items to benefit your organization. You've been told that a well-developed identity architecture plan is the best way solve business challenges and produce concrete results but your research and fully-notated diagrams have failed to engage your peers. |
In this session, we will explore how technology is playing a crucial role in decarbonization efforts. We will discuss how Customer Identity and Access Management (CIAM) can enable digital transformation and support the energy transition. Additionally, we will delve into the benefits of using Centralized Entity Management to provide customers with a single ID across all digital channels, improving the user experience and enabling personalized interactions. Finally, we will emphasize the importance of a secure customer journey and persona composition to protect sensitive data, ensure customer trust and regulatory compliance, such as GDPR. Join us to learn how these key components can help drive a sustainable and customer-centric future.
Learn about:
How does a Financial Institution deploy a Zero Trust Model where employees and consumers need access to so much vital data in near real time.
In the current economical climate many companies are facing the need to restructure the operations to ensure efficieny and profitability.
This does in some cases result in layoffs but is also means that projects are cancelled and the staff that was assigned to these projects are freed up for other efforts. In IAM terms the results is a lot of movers in the organisation which traditionally has been a usecase that has been challenging to efficiently support.
How do we help the business and support the need for assignment based access to ensure efficient usage of staff? This talk will look at the lessons learned from implementing assigned based access at a global retailer. It may also include Swedish meatballs, flatpack furniture and moose hunting towers.
Cybersecurity practitioners agree that Identity is now at the heart of everything we do. A variety of inescapable forces have brought us to this point and our success in the next years depends critically on how well we exploit the strategically placed Identity center piece. Rising to this challenge requires our accumulated business analysis and deployment experience as well as the power of modern Identity platforms. Critical to realizing this vision is an integrated set of connected identity services that communicate seamlessly within the identity fabric but also across the wider Cyber security ecosystem. One Identity lives and breathes connected Identity, and we are happy to share our experience helping organizations achieve value from connected identity security models. Whether you are struggling to integrate your existing Identity silos, wondering what Zero Trust means for identity or looking to new Identity services like PBAC and decentralized identity, One Identity's innovative approach and design patterns shared in this session will be of interest.
Takeaways:
Managing access is a critical capability for the IT infrastructure of any enterprise, especially when dealing with over 6,800 integrated applications used by millions of authentication requests. Due to the increasing demand for availability, scalability, and support for market-specific customizations, as well as the migration of more products and applications to the cloud, we had to migrate our infrastructure and application stack to the AWS cloud. This stack had been introduced in an on-premises setup in 2017 and now follows modern paradigms such as GitOps, Everything as Code, and highly automated processes based on Service Layers and ForgeRock. Our main concern was ensuring that the integrated application landscape remained functional during the migration without experiencing any impact or downtime.
During this presentation, we will share our experience and discuss the key takeaways from our successful large-scale production system migration to the cloud, including:
Companies are facing increasingly complex security threats. Many are struggling to assess their own security risks due to an inability to address potential issues as they arise, due to the breakneck pace at which issues are disclosed, and teams' ability to address said issues as they accumulate and because the huge number of security tools in use create diagnostic fatigue.
Vulnerability management programs rarely ever match the overall scale of the organization, boosting the number of potential points of exposure. What's more, besides vulnerabilities, attackers are increasingly leveraging exposures such as misconfigurations and stolen credentials to gain access to companies' core business. Because of this, attack paths to critical assets are often overlooked or identified too late.
Instead of looking at vast numbers of isolated issues, XM Cyber aggregates them into an attack graph to proactively identify hidden attack paths and weaknesses in both the cloud and on-premises. XM Cyber helps organizations efficiently address the issues that can have the greatest impact on organizational risk. Then teams can eliminate attack paths at critical junctures, i.e., choke points, in order to achieve ultra-efficient risk remediation.
Authorization (AuthZ) and Authentication (AuthN) go hand in hand in ensuring zero-trust in your system landscape. But while scaling identity can be done by centralizing it in an IAM solution, centralizing authorization is seldom a scalable solution. Increased latency, varying requirements and maintainability are all key reasons to want a more decentralized solution that can adapt and scale.
In this talk we will describe how to use Open Policy Agent (OPA) to achieve decentralized authorization in a multi-platform API landscape, including both modern and legacy platforms, while simultanously ensuring centralized compliance controls and enforcement.